Commit 6c0a8c5f authored by Chuck Lever's avatar Chuck Lever Committed by Trond Myklebust
Browse files

NFS: Have struct nfs_client carry a TLS policy field 



The new field is used to match struct nfs_clients that have the same
TLS policy setting.

Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
Reviewed-by: default avatarJeff Layton <jlayton@kernel.org>
Signed-off-by: default avatarTrond Myklebust <trond.myklebust@hammerspace.com>
parent 75eb6af7

fs/nfs/client.c

+8 −0
Original line number Diff line number Diff line
@@ -184,6 +184,7 @@ struct nfs_client *nfs_alloc_client(const struct nfs_client_initdata *cl_init) 
	clp->cl_net = get_net(cl_init->net);



	clp->cl_principal = "*";

	clp->cl_xprtsec = cl_init->xprtsec;

	return clp;



error_cleanup:
@@ -326,6 +327,10 @@ static struct nfs_client *nfs_match_client(const struct nfs_client_initdata *dat 
							   sap))

				continue;



		/* Match the xprt security policy */

		if (clp->cl_xprtsec.policy != data->xprtsec.policy)

			continue;



		refcount_inc(&clp->cl_count);

		return clp;

	}
@@ -675,6 +680,9 @@ static int nfs_init_server(struct nfs_server *server, 
		.cred = server->cred,

		.nconnect = ctx->nfs_server.nconnect,

		.init_flags = (1UL << NFS_CS_REUSEPORT),

		.xprtsec = {

			.policy = RPC_XPRTSEC_NONE,

		},

	};

	struct nfs_client *clp;

	int error;

fs/nfs/internal.h

+1 −0
Original line number Diff line number Diff line
@@ -81,6 +81,7 @@ struct nfs_client_initdata { 
	struct net *net;

	const struct rpc_timeout *timeparms;

	const struct cred *cred;

	struct xprtsec_parms xprtsec;

};



/*

fs/nfs/nfs3client.c

+1 −0
Original line number Diff line number Diff line
@@ -93,6 +93,7 @@ struct nfs_client *nfs3_set_ds_client(struct nfs_server *mds_srv, 
		.net = mds_clp->cl_net,

		.timeparms = &ds_timeout,

		.cred = mds_srv->cred,

		.xprtsec = mds_clp->cl_xprtsec,

	};

	struct nfs_client *clp;

	char buf[INET6_ADDRSTRLEN + 1];

fs/nfs/nfs4client.c

+15 −5
Original line number Diff line number Diff line
@@ -896,7 +896,8 @@ static int nfs4_set_client(struct nfs_server *server, 
		int proto, const struct rpc_timeout *timeparms,

		u32 minorversion, unsigned int nconnect,

		unsigned int max_connect,

		struct net *net)

		struct net *net,

		struct xprtsec_parms *xprtsec)

{

	struct nfs_client_initdata cl_init = {

		.hostname = hostname,
@@ -909,6 +910,7 @@ static int nfs4_set_client(struct nfs_server *server, 
		.net = net,

		.timeparms = timeparms,

		.cred = server->cred,

		.xprtsec = *xprtsec,

	};

	struct nfs_client *clp;
@@ -978,6 +980,7 @@ struct nfs_client *nfs4_set_ds_client(struct nfs_server *mds_srv, 
		.net = mds_clp->cl_net,

		.timeparms = &ds_timeout,

		.cred = mds_srv->cred,

		.xprtsec = mds_srv->nfs_client->cl_xprtsec,

	};

	char buf[INET6_ADDRSTRLEN + 1];
@@ -1127,6 +1130,9 @@ static int nfs4_server_common_setup(struct nfs_server *server, 
static int nfs4_init_server(struct nfs_server *server, struct fs_context *fc)

{

	struct nfs_fs_context *ctx = nfs_fc2context(fc);

	struct xprtsec_parms xprtsec = {

		.policy		= RPC_XPRTSEC_NONE,

	};

	struct rpc_timeout timeparms;

	int error;
@@ -1157,7 +1163,8 @@ static int nfs4_init_server(struct nfs_server *server, struct fs_context *fc) 
				ctx->minorversion,

				ctx->nfs_server.nconnect,

				ctx->nfs_server.max_connect,

				fc->net_ns);

				fc->net_ns,

				&xprtsec);

	if (error < 0)

		return error;
@@ -1247,7 +1254,8 @@ struct nfs_server *nfs4_create_referral_server(struct fs_context *fc) 
				parent_client->cl_mvops->minor_version,

				parent_client->cl_nconnect,

				parent_client->cl_max_connect,

				parent_client->cl_net);

				parent_client->cl_net,

				&parent_client->cl_xprtsec);

	if (!error)

		goto init_server;

#endif	/* IS_ENABLED(CONFIG_SUNRPC_XPRT_RDMA) */
@@ -1263,7 +1271,8 @@ struct nfs_server *nfs4_create_referral_server(struct fs_context *fc) 
				parent_client->cl_mvops->minor_version,

				parent_client->cl_nconnect,

				parent_client->cl_max_connect,

				parent_client->cl_net);

				parent_client->cl_net,

				&parent_client->cl_xprtsec);

	if (error < 0)

		goto error;
@@ -1336,7 +1345,8 @@ int nfs4_update_server(struct nfs_server *server, const char *hostname, 
	error = nfs4_set_client(server, hostname, sap, salen, buf,

				clp->cl_proto, clnt->cl_timeout,

				clp->cl_minorversion,

				clp->cl_nconnect, clp->cl_max_connect, net);

				clp->cl_nconnect, clp->cl_max_connect,

				net, &clp->cl_xprtsec);

	clear_bit(NFS_MIG_TSM_POSSIBLE, &server->mig_status);

	if (error != 0) {

		nfs_server_insert_lists(server);

include/linux/nfs_fs_sb.h

+2 −1
Original line number Diff line number Diff line
@@ -64,6 +64,7 @@ struct nfs_client { 
	unsigned int		cl_nconnect;	/* Number of connections */

	unsigned int		cl_max_connect; /* max number of xprts allowed */

	const char *		cl_principal;	/* used for machine cred */

	struct xprtsec_parms	cl_xprtsec;	/* xprt security policy */



#if IS_ENABLED(CONFIG_NFS_V4)

	struct list_head	cl_ds_clients; /* auth flavor data servers */